Computer processor systems may be configured to virtualize underlying host physical resources and to arbitrate access to the resources by one or more guest operating systems.
Virtualization features, including hardware implemented virtualization features, may be initiated or compromised by conflicting or incorrect versions of drivers or applications, or by malicious code, such as hyper-jacking code, virtualizing root-kits, and other malware.
Heuristic-based evaluations, such as evaluations of translation look-aside buffer behavior and timing inconsistencies, may not provide sufficiently accurate indications of virtualization or malware.
Detection processes running within an operating environment, such as anti-virus programs, may be vulnerable to attack, modification, or circumvention by malware. For example, malware may utilize virtualization features to virtualize operating system components including anti-virus software running therein.
In the drawings, the leftmost digit(s) of a reference number identifies the drawing in which the reference number first appears.